On Tue, Jun 6, 2023 at 4:18 AM Steve Sakoman via
lists.openembedded.org <[email protected]>
wrote:
>
> Hi Yogita,
>
> Thanks for helping to fix CVEs!
>
> Unfortunately I can't take this set of five patches in their current

Seven, not five!  I can't count :-)

> state.  You have crafted each as an individual patch to the current
> kirkstone head.  As a result, after I take the first patch the rest
> will not apply.
>
> In a case like this you should send a patch series, with each patch
> taking into account the previous patch.
>
> Regards,
>
> Steve
>
> On Tue, Jun 6, 2023 at 2:07 AM Urade, Yogita via
> lists.openembedded.org
> <[email protected]> wrote:
> >
> > A memory consumption issue was addressed with improved memory handling. 
> > This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 
> > 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing 
> > maliciously crafted web content may lead to arbitrary code execution.
> >
> > References:
> > https://nvd.nist.gov/vuln/detail/CVE-2022-46691
> > https://support.apple.com/en-us/HT213531
> >
> > Signed-off-by: Yogita Urade <[email protected]>
> > ---
> >  .../webkit/webkitgtk/CVE-2022-46691.patch     | 43 +++++++++++++++++++
> >  meta/recipes-sato/webkit/webkitgtk_2.36.8.bb  |  1 +
> >  2 files changed, 44 insertions(+)
> >  create mode 100644 meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
> >
> > diff --git a/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch 
> > b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
> > new file mode 100644
> > index 0000000000..ff9df40433
> > --- /dev/null
> > +++ b/meta/recipes-sato/webkit/webkitgtk/CVE-2022-46691.patch
> > @@ -0,0 +1,43 @@
> > +From fd57a49d07c9c285780495344073350182fd7c7c Mon Sep 17 00:00:00 2001
> > +From: Yijia Huang <[email protected]>
> > +Date: Mon, 10 Oct 2022 15:42:34 -0700
> > +Subject: [PATCH] [JSC] Should model BigInt with side effects
> > + https://bugs.webkit.org/show_bug.cgi?id=246291 rdar://100494823
> > +
> > +Reviewed by Yusuke Suzuki.
> > +
> > +Operations with two BigInt operands have side effects,
> > +which should not be hoisted from loops.
> > +
> > +* Source/JavaScriptCore/dfg/DFGClobberize.cpp:
> > +(JSC::DFG::doesWrites):
> > +* Source/JavaScriptCore/dfg/DFGClobberize.h:
> > +(JSC::DFG::clobberize):
> > +
> > +Canonical link: https://commits.webkit.org/255368@main
> > +
> > +CVE: CVE-2022-46691
> > +
> > +Upstream-Status: Backport
> > +[https://github.com/WebKit/WebKit/commit/fd57a49d07c9c285780495344073350182fd7c7c]
> > +
> > +Signed-off-by: Yogita Urade <[email protected]>
> > +---
> > + Source/JavaScriptCore/dfg/DFGClobberize.h | 2 ++
> > + 1 file changed, 2 insertions(+)
> > +
> > +diff --git a/Source/JavaScriptCore/dfg/DFGClobberize.h 
> > b/Source/JavaScriptCore/dfg/DFGClobberize.h
> > +index 0363ab20dcd8..4b1bcfea1fd7 100644
> > +--- a/Source/JavaScriptCore/dfg/DFGClobberize.h
> > ++++ b/Source/JavaScriptCore/dfg/DFGClobberize.h
> > +@@ -811,6 +811,8 @@ void clobberize(Graph& graph, Node* node, const 
> > ReadFunctor& read, const WriteFu
> > +     case ValueBitRShift:
> > +         // FIXME: this use of single-argument isBinaryUseKind would 
> > prevent us from specializing (for example) for a HeapBigInt left-operand 
> > and a BigInt32 right-operand.
> > +         if (node->isBinaryUseKind(AnyBigIntUse) || 
> > node->isBinaryUseKind(BigInt32Use) || node->isBinaryUseKind(HeapBigIntUse)) 
> > {
> > ++            read(World);
> > ++            write(SideState);
> > +             def(PureValue(node));
> > +             return;
> > +         }
> > +--
> > +2.40.0
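Review bot: The embedded commit message lists changes to both Source/JavaScriptCore/dfg/DFGClobberize.cpp (JSC::DFG::doesWrites) and Source/JavaScriptCore/dfg/DFGClobberize.h (JSC::DFG::clobberize), but the diffstat and the only hunk in this backport touch DFGClobberize.h alone (2 insertions). If the DFGClobberize.cpp part was left out because it does not apply to webkitgtk 2.36.8, state that in the patch header next to Upstream-Status so the backport is not read as an incomplete fix; otherwise include the missing change.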
> > diff --git a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb 
> > b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
> > index 1dac4f5677..02258f84e4 100644
> > --- a/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
> > +++ b/meta/recipes-sato/webkit/webkitgtk_2.36.8.bb
> > @@ -17,6 +17,7 @@ SRC_URI = 
> > "https://www.webkitgtk.org/releases/${BP}.tar.xz \
> >             
> > file://0001-When-building-introspection-files-do-not-quote-CFLAG.patch \
> >             file://CVE-2022-32888.patch \
> >             file://CVE-2022-32923.patch \
> > +           file://CVE-2022-46691.patch \
> >             "
> >  SRC_URI[sha256sum] = 
> > "0ad9fb6bf28308fe3889faf184bd179d13ac1b46835d2136edbab2c133d00437"
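Review bot: The context around the added SRC_URI entry is `file://CVE-2022-32923.patch \` followed directly by the closing quote, which is the state of kirkstone head, so any other patch in the set that appends its own file:// line at the same spot will fail to apply once this one is merged. Regenerate the set as a numbered series in which each patch's context already contains the entry added by the previous patch.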
> >
> > --
> > 2.40.0
> >
> >
> >
> >
>
> 
>
View/Reply Online (#182441): 
https://lists.openembedded.org/g/openembedded-core/message/182441